by anderslemke 2048 days ago
I'm really happy that you're willing to take this discussion with me.

I totally understand what makes IndieAuth a good solution. And it seems really easy. For me. But I have no idea how I would go about explaining it to, let's say, my mom.

Apple is offering something very similar to what Promise does. The difference is that Apple is a commercial corporation. Which means they're in the game to make money. Promise will be in the game to make authentication easy, secure and private.

In many ways I compare the goal of Promise with the goal of DNS. Take a commodity and make it available globally in a reliable way. Yes, it will be a single point of failure. So the job of Promise will in large part be to keep the platform secure and reliable.

1 comments

The mom-test is a good one, I'll have to think more about it. The truth is the advantages and disadvantages of various authentication systems are subtle, and hard for a lot of technical people to understand, much less care about.

Apple is a commercial corporation, and one of the biggest (by market cap) companies in the world. That gives me confidence that they'll be around for a long time, have sufficient resources to invest in security and reliability, and they have a well-established reputation for a focus on security. They do other things I don't like[1], but I think this is one area where they're setting really good precedent.

In addition, it's going to be difficult getting any sites (outside of maybe the crypto/grey-market) to adopt an auth system that doesn't let them contact their users. This is also I think a big failing of IndieAuth.

[1]: https://sneak.berlin/20201112/your-computer-isnt-yours/

Promise is basically challenging the assumption that authentication has anything to do with both personal identity and being able to contact a user.

If a site needs to contact the user, it's reasonable to ask for e.g. an email. But now the intent of asking for an email has to be crystal clear, which makes you and them more aware of what data you are actually giving them.

Apple sure is doing some good stuff with their authentication solution and their efforts to help people with healthier password habits. I'm still not too fond of having such fundamental infrastructure owned by a private company. Would you be comfortable handing over DNS to Apple?